Merge remote-tracking branch 'ni/master'
This commit is contained in:
commit
915e4b8437
@ -49,6 +49,7 @@ let
|
|||||||
./rtorrent.nix
|
./rtorrent.nix
|
||||||
./secret.nix
|
./secret.nix
|
||||||
./setuid.nix
|
./setuid.nix
|
||||||
|
./shadow.nix
|
||||||
./syncthing.nix
|
./syncthing.nix
|
||||||
./tinc.nix
|
./tinc.nix
|
||||||
./tinc_graphs.nix
|
./tinc_graphs.nix
|
||||||
|
@ -88,7 +88,7 @@ with import <stockholm/lib>;
|
|||||||
fi
|
fi
|
||||||
done < "$paths"
|
done < "$paths"
|
||||||
'';
|
'';
|
||||||
PrivateTemp = true;
|
PrivateTmp = true;
|
||||||
Restart = "always";
|
Restart = "always";
|
||||||
RestartSec = 10;
|
RestartSec = 10;
|
||||||
UMask = plan.umask;
|
UMask = plan.umask;
|
||||||
|
79
krebs/3modules/shadow.nix
Normal file
79
krebs/3modules/shadow.nix
Normal file
@ -0,0 +1,79 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, pkgs, ... }: let
|
||||||
|
|
||||||
|
cfg = config.krebs.shadow;
|
||||||
|
|
||||||
|
mergeShadowsJq = pkgs.writeJq "merge-shadows.jq" ''
|
||||||
|
def fields_3_to_9: ["1", "", "", "", "", "", ""];
|
||||||
|
|
||||||
|
def read_value:
|
||||||
|
split(":") |
|
||||||
|
if length == 9 then
|
||||||
|
if .[2:] == fields_3_to_9 then
|
||||||
|
.
|
||||||
|
else
|
||||||
|
error("unrecognized field contents")
|
||||||
|
end
|
||||||
|
elif length == 2 then
|
||||||
|
if .[1] | test("^\\$6\\$") then
|
||||||
|
. + fields_3_to_9
|
||||||
|
else
|
||||||
|
error("unrecognized hashed password")
|
||||||
|
end
|
||||||
|
else
|
||||||
|
error("unexpected field count: expected 9 or 2, got \(length)")
|
||||||
|
end;
|
||||||
|
|
||||||
|
def write_value:
|
||||||
|
join(":");
|
||||||
|
|
||||||
|
split("\n") |
|
||||||
|
map(select(length > 0) | read_value) |
|
||||||
|
|
||||||
|
reverse |
|
||||||
|
unique_by(.[0]) |
|
||||||
|
map(write_value) |
|
||||||
|
sort |
|
||||||
|
|
||||||
|
join("\n")
|
||||||
|
'';
|
||||||
|
|
||||||
|
in {
|
||||||
|
|
||||||
|
options.krebs.shadow = {
|
||||||
|
enable = mkEnableOption "krebs.shadow" // {
|
||||||
|
default = cfg.overridesFile != null;
|
||||||
|
};
|
||||||
|
overridesFile = mkOption {
|
||||||
|
apply = x: if typeOf x == "path" then toString x else x;
|
||||||
|
default = null;
|
||||||
|
description = ''
|
||||||
|
Path to a file containing additional shadow entries, used for adding
|
||||||
|
encrypted passwords which should not be placed into the Nix store.
|
||||||
|
|
||||||
|
The overrides file may contain either regular shadow(5) entries like:
|
||||||
|
|
||||||
|
<code><login-name>:<hashed-password>:1::::::</code>
|
||||||
|
|
||||||
|
Or shortened entries only containing login name and password like:
|
||||||
|
|
||||||
|
<code><login-name>:<hashed-password></code>
|
||||||
|
'';
|
||||||
|
type = types.nullOr (types.either types.path types.absolute-pathname);
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = let
|
||||||
|
in mkIf cfg.enable {
|
||||||
|
system.activationScripts.users-tv = stringAfter [ "users" ] /* sh */ ''
|
||||||
|
(
|
||||||
|
set -efu
|
||||||
|
umask 77
|
||||||
|
${pkgs.jq}/bin/jq -Rrs -f ${mergeShadowsJq} \
|
||||||
|
/etc/shadow ${cfg.overridesFile} > /etc/shadow~
|
||||||
|
${pkgs.coreutils}/bin/mv /etc/shadow /etc/shadow-
|
||||||
|
${pkgs.coreutils}/bin/mv /etc/shadow~ /etc/shadow
|
||||||
|
)
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
@ -4,11 +4,11 @@
|
|||||||
}:
|
}:
|
||||||
mkDerivation {
|
mkDerivation {
|
||||||
pname = "flameshot-once";
|
pname = "flameshot-once";
|
||||||
version = "1.1.0";
|
version = "1.2.0";
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
url = "https://cgit.krebsco.de/flameshot-once";
|
url = "https://cgit.krebsco.de/flameshot-once";
|
||||||
sha256 = "158ha1yyj3p3mdjjga62j91ml83nhrsg34xbg3dir5cb399j8pxx";
|
sha256 = "01c11dk8ss37awfn9xqsgx668dcrf4kvzfxlq7ycnqsnpbjjvm0a";
|
||||||
rev = "9d688b6ffad14912bd1afe42555747cb3d213d95";
|
rev = "cebaefa37095e74ad2253c4e2f9d9ab390f88737";
|
||||||
fetchSubmodules = true;
|
fetchSubmodules = true;
|
||||||
};
|
};
|
||||||
isLibrary = false;
|
isLibrary = false;
|
||||||
|
@ -29,7 +29,7 @@ let
|
|||||||
|
|
||||||
eval = evalModules {
|
eval = evalModules {
|
||||||
modules = singleton {
|
modules = singleton {
|
||||||
_file = toString ./config.nix;
|
_file = toString ./profile.nix;
|
||||||
imports = singleton config;
|
imports = singleton config;
|
||||||
options = {
|
options = {
|
||||||
buttons = mkOption {
|
buttons = mkOption {
|
||||||
@ -77,6 +77,14 @@ let
|
|||||||
default = false;
|
default = false;
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
};
|
};
|
||||||
|
timeout = mkOption {
|
||||||
|
default = 100;
|
||||||
|
description = ''
|
||||||
|
Maximum time in milliseconds allowed for the flameshot daemon to
|
||||||
|
react.
|
||||||
|
'';
|
||||||
|
type = types.positive;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -125,5 +133,6 @@ in
|
|||||||
|
|
||||||
pkgs.writeDash "flameshot.profile" ''
|
pkgs.writeDash "flameshot.profile" ''
|
||||||
export FLAMESHOT_CAPTURE_PATH=${cfg.savePath}
|
export FLAMESHOT_CAPTURE_PATH=${cfg.savePath}
|
||||||
|
export FLAMESHOT_ONCE_TIMEOUT=${toString cfg.timeout}
|
||||||
export XDG_CONFIG_HOME=${XDG_CONFIG_HOME}
|
export XDG_CONFIG_HOME=${XDG_CONFIG_HOME}
|
||||||
''
|
''
|
||||||
|
@ -17,6 +17,7 @@ with import <stockholm/lib>;
|
|||||||
./bash
|
./bash
|
||||||
./htop.nix
|
./htop.nix
|
||||||
./nginx
|
./nginx
|
||||||
|
./pki
|
||||||
./ssh.nix
|
./ssh.nix
|
||||||
./sshd.nix
|
./sshd.nix
|
||||||
./vim.nix
|
./vim.nix
|
||||||
@ -90,15 +91,6 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
{
|
|
||||||
environment.variables =
|
|
||||||
flip genAttrs (_: "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt") [
|
|
||||||
"CURL_CA_BUNDLE"
|
|
||||||
"GIT_SSL_CAINFO"
|
|
||||||
"SSL_CERT_FILE"
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
{
|
{
|
||||||
services.cron.enable = false;
|
services.cron.enable = false;
|
||||||
services.nscd.enable = false;
|
services.nscd.enable = false;
|
||||||
|
@ -8,5 +8,6 @@
|
|||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
manpages
|
manpages
|
||||||
posix_man_pages
|
posix_man_pages
|
||||||
|
xorg.xorgdocs
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
31
tv/2configs/pki/certs/tv.crt
Normal file
31
tv/2configs/pki/certs/tv.crt
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
tv Root CA
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFGzCCAwOgAwIBAgIUbLFkDA1OgKbej/FQiJZ4gpGPg/4wDQYJKoZIhvcNAQEL
|
||||||
|
BQAwFTETMBEGA1UEAwwKdHYgUm9vdCBDQTAeFw0xOTA0MjEwNzI1MTdaFw0yOTA0
|
||||||
|
MTgwNzI1MTdaMBUxEzARBgNVBAMMCnR2IFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEB
|
||||||
|
AQUAA4ICDwAwggIKAoICAQDEVpZo1PLayK2AULwNtRY/2RIs/h+Uz1k/I7AY5o7H
|
||||||
|
HTD6pxNH3DZS82Y89nAHDVEnotK26TW6N1O2fBHUxH2GXVD+MaA/D9ngbNTJa7DW
|
||||||
|
2EThezOyesAbXk7dkoHh4Bouj5L7Ronka5+IREFmb3mHmcXLuR/sot9Pwr9A7Lwm
|
||||||
|
55Avv+VwMFnqVMXiCYQsDL7Mxf7Vm79+kXShpfDhNmHhyZc/xPjVk7lttSEp0LCq
|
||||||
|
hhJjte3xDGbk7OThTSxoqP+K4Ek7NGatCcm4AUZlDl1kLN2QKudYqj0VRQpfE+4Q
|
||||||
|
jMAAtttc/10MV0e08pRK0FvJsDsi70YZrHnDP6hIBrRNjC8iB/8rz2pjnYzgriUt
|
||||||
|
HHEDr26234VB5Zqhsi8pmXA16FVkoKlucADXXKEcR/3VreTvZLdSsP3OrDdSCwhi
|
||||||
|
H2W/7tshDPp+I9Q9fGNixry7PODbud1h/wLsq3Geg/U6VkDdl7uDNMB/O7LvlFaC
|
||||||
|
7jkHv/xFLqV1Xx9+yFMdJTKLf9jnIIjeINfV4VcJZDrtgGpnC6cYD5DNLA4j7Mny
|
||||||
|
EnBV9IRhmKiZLvUZP62dPhqIfSSPNxXV2+rT5ZfaXCuVe79R5npgJzF7/qslvnZ6
|
||||||
|
0mjZfQdJiXY+/oT9zPUxTroFx7Qtda15aIVwXR+1cMRY/Hg/uBQyp7yWsvwhPYwH
|
||||||
|
awIDAQABo2MwYTAdBgNVHQ4EFgQUWYjGpR7J/UqggxQV87hBQ8ZT0qkwHwYDVR0j
|
||||||
|
BBgwFoAUWYjGpR7J/UqggxQV87hBQ8ZT0qkwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
|
||||||
|
HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAA++eAA7KLEd4n05n8w95sJ7
|
||||||
|
cxqQSkVxV3ASnEUQRwVGo3CqEKcNufbCTG7KKGQFUi2Xd3/SWgnEiSZZWo06azbV
|
||||||
|
vlquG+9ilwnrnqfjlbUEjLMHDzukrEeIiRuFY7gZv6S2o4WkW/M9IPkP34+PRjip
|
||||||
|
AJ8kFcy7wLPaeH7OagslAVUcf68lMm+8W4U1g0HZaY2zXFgdRrIO1dXKlJ22Wh4X
|
||||||
|
fcblHjkASAGi+BK+xRJ9G7s3sie2wPyk+WKKv0Z+WheKf+L+TPBg2sJ+d25gW+gG
|
||||||
|
XNJSQOzCqSfHrCtcW1xkGgifog28/ymN03ggn8oMBUebOp+ayLkbPQDaj6te3y1v
|
||||||
|
YE0cfkzQ0T6sSzPzoOrwBEuSX8cLWTpzO2Zgqbf36UtHjgxi58vY46p7MjAInxAf
|
||||||
|
j+k67rF7qWH38drg4nfGjNgiEdeJw9dtDFdmso+ZiWipUyGF4VYh+Q6JnXDMF0+A
|
||||||
|
wXcYWa7ckXvVOLVpHJfrLDYTXznGnk2u4ToVNEk1j/klMRn96lxfFg04iv8fz8m6
|
||||||
|
/Y8g0G1uIT5Mq9l68oZUoEkUHZabPNhYOiYtg4t5v/T3AIV8nm2A5jZYj0am26xT
|
||||||
|
iqF/tqL3alWXs9OHP7FNdrVWtwO8vcspYcd4mOHdAC/dmhq+77BowR5Lldx9T+mR
|
||||||
|
QT8jW9PXL0IH0wKMBXxf
|
||||||
|
-----END CERTIFICATE-----
|
68
tv/2configs/pki/default.nix
Normal file
68
tv/2configs/pki/default.nix
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, pkgs, ... }: let
|
||||||
|
|
||||||
|
certFile = config.environment.etc."ssl/certs/ca-certificates.crt".source;
|
||||||
|
|
||||||
|
in {
|
||||||
|
|
||||||
|
environment.etc."pki/nssdb".source =
|
||||||
|
pkgs.runCommand "system-wide-nssdb" {
|
||||||
|
inherit certFile;
|
||||||
|
buildInputs = [
|
||||||
|
pkgs.jq
|
||||||
|
pkgs.nssTools
|
||||||
|
];
|
||||||
|
parseInfoScript = /* jq */ ''
|
||||||
|
${toJSON certFile} as $certFile |
|
||||||
|
|
||||||
|
split("\t-----END CERTIFICATE-----\n")[] |
|
||||||
|
select(test("\t-----BEGIN CERTIFICATE-----\n")) |
|
||||||
|
. + "\t-----END CERTIFICATE-----\n" |
|
||||||
|
|
||||||
|
sub("^([0-9]+\t\n)*";"") |
|
||||||
|
|
||||||
|
(match("^([0-9]+)\t").captures[0].string | tonumber) as $lineNumber |
|
||||||
|
|
||||||
|
gsub("(?m)^[0-9]+\t";"") |
|
||||||
|
|
||||||
|
match("^([^\n]+)\n(.*)";"m").captures | map(.string) |
|
||||||
|
|
||||||
|
# Line numbers are added to the names to ensure uniqueness.
|
||||||
|
"\(.[0]) (\($certFile):\($lineNumber))" as $name |
|
||||||
|
.[1] as $cert |
|
||||||
|
|
||||||
|
{ $name, $cert }
|
||||||
|
'';
|
||||||
|
passAsFile = [
|
||||||
|
"parseInfoScript"
|
||||||
|
];
|
||||||
|
} /* sh */ ''
|
||||||
|
mkdir nssdb
|
||||||
|
|
||||||
|
nl -ba -w1 "$certFile" |
|
||||||
|
jq -ceRs -f "$parseInfoScriptPath" > certinfo.ndjson
|
||||||
|
|
||||||
|
exec < certinfo.ndjson
|
||||||
|
while read -r certinfo; do
|
||||||
|
name=$(printf %s "$certinfo" | jq -er .name)
|
||||||
|
cert=$(printf %s "$certinfo" | jq -er .cert)
|
||||||
|
|
||||||
|
printf %s "$cert" | certutil -A -d nssdb -n "$name" -t C,C,C
|
||||||
|
done
|
||||||
|
|
||||||
|
mv nssdb "$out"
|
||||||
|
'';
|
||||||
|
|
||||||
|
environment.variables = flip genAttrs (_: toString certFile) [
|
||||||
|
"CURL_CA_BUNDLE"
|
||||||
|
"GIT_SSL_CAINFO"
|
||||||
|
"SSL_CERT_FILE"
|
||||||
|
];
|
||||||
|
|
||||||
|
security.pki.certificateFiles =
|
||||||
|
mapAttrsToList
|
||||||
|
(name: const (./certs + "/${name}"))
|
||||||
|
(filterAttrs (const (eq "regular"))
|
||||||
|
(readDir ./certs));
|
||||||
|
|
||||||
|
}
|
@ -1,58 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
pkgs.writeText "Xresources" /* xdefaults */ ''
|
|
||||||
URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}‘’"
|
|
||||||
URxvt*eightBitInput: false
|
|
||||||
URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
|
|
||||||
URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
|
|
||||||
URxvt*scrollBar: false
|
|
||||||
URxvt*background: #050505
|
|
||||||
URxvt*foreground: #d0d7d0
|
|
||||||
URxvt*cursorColor: #f042b0
|
|
||||||
URxvt*cursorColor2: #f0b000
|
|
||||||
URxvt*cursorBlink: off
|
|
||||||
URxvt*jumpScroll: true
|
|
||||||
URxvt*allowSendEvents: false
|
|
||||||
URxvt*charClass: 33:48,37:48,45-47:48,64:48,38:48,61:48,63:48
|
|
||||||
URxvt*cutNewline: False
|
|
||||||
URxvt*cutToBeginningOfLine: False
|
|
||||||
|
|
||||||
URxvt*color0: #232342
|
|
||||||
URxvt*color3: #c07000
|
|
||||||
URxvt*color4: #4040c0
|
|
||||||
URxvt*color7: #c0c0c0
|
|
||||||
URxvt*color8: #707070
|
|
||||||
URxvt*color9: #ff6060
|
|
||||||
URxvt*color10: #70ff70
|
|
||||||
URxvt*color11: #ffff70
|
|
||||||
URxvt*color12: #7070ff
|
|
||||||
URxvt*color13: #ff50ff
|
|
||||||
URxvt*color14: #70ffff
|
|
||||||
URxvt*color15: #ffffff
|
|
||||||
|
|
||||||
URxvt*iso14755: False
|
|
||||||
|
|
||||||
URxvt*urgentOnBell: True
|
|
||||||
URxvt*visualBell: True
|
|
||||||
|
|
||||||
! ref https://github.com/muennich/urxvt-perls
|
|
||||||
URxvt*perl-ext: default,url-select
|
|
||||||
URxvt*keysym.M-u: perl:url-select:select_next
|
|
||||||
URxvt*url-select.launcher: /etc/per-user/${config.krebs.build.user.name}/bin/ff -new-tab
|
|
||||||
URxvt*url-select.underline: true
|
|
||||||
URxvt*colorUL: #4682B4
|
|
||||||
URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl
|
|
||||||
URxvt*saveLines: 10000
|
|
||||||
|
|
||||||
root-urxvt*background: #230000
|
|
||||||
root-urxvt*foreground: #e0c0c0
|
|
||||||
root-urxvt*BorderColor: #400000
|
|
||||||
root-urxvt*color0: #800000
|
|
||||||
|
|
||||||
fzmenu-urxvt*background: rgb:42/23/42
|
|
||||||
fzmenu-urxvt*externalBorder: 1
|
|
||||||
fzmenu-urxvt*geometry: 70x9
|
|
||||||
fzmenu-urxvt*internalBorder: 1
|
|
||||||
''
|
|
@ -9,12 +9,16 @@ let
|
|||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
|
|
||||||
|
imports = [
|
||||||
|
./sxiv.nix
|
||||||
|
./urxvt.nix
|
||||||
|
];
|
||||||
|
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
pkgs.ff
|
pkgs.ff
|
||||||
pkgs.font-size
|
pkgs.font-size
|
||||||
pkgs.gitAndTools.qgit
|
pkgs.gitAndTools.qgit
|
||||||
pkgs.mpv
|
pkgs.mpv
|
||||||
pkgs.sxiv
|
|
||||||
pkgs.xdotool
|
pkgs.xdotool
|
||||||
pkgs.xsel
|
pkgs.xsel
|
||||||
pkgs.zathura
|
pkgs.zathura
|
||||||
@ -73,7 +77,6 @@ in {
|
|||||||
${pkgs.xorg.xhost}/bin/xhost -LOCAL:
|
${pkgs.xorg.xhost}/bin/xhost -LOCAL:
|
||||||
} &
|
} &
|
||||||
${pkgs.xorg.xmodmap}/bin/xmodmap ${import ./Xmodmap.nix args} &
|
${pkgs.xorg.xmodmap}/bin/xmodmap ${import ./Xmodmap.nix args} &
|
||||||
${pkgs.xorg.xrdb}/bin/xrdb ${import ./Xresources.nix args} &
|
|
||||||
${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' &
|
${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' &
|
||||||
wait
|
wait
|
||||||
'';
|
'';
|
||||||
@ -147,19 +150,6 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.urxvtd = {
|
|
||||||
wantedBy = [ "graphical.target" ];
|
|
||||||
restartIfChanged = false;
|
|
||||||
serviceConfig = {
|
|
||||||
SyslogIdentifier = "urxvtd";
|
|
||||||
ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
|
|
||||||
Restart = "always";
|
|
||||||
RestartSec = "2s";
|
|
||||||
StartLimitBurst = 0;
|
|
||||||
User = cfg.user.name;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
tv.slock = {
|
tv.slock = {
|
||||||
enable = true;
|
enable = true;
|
||||||
user = cfg.user;
|
user = cfg.user;
|
||||||
|
12
tv/2configs/xserver/sxiv.nix
Normal file
12
tv/2configs/xserver/sxiv.nix
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, pkgs, ... }: let
|
||||||
|
cfg.user = config.krebs.build.user;
|
||||||
|
in {
|
||||||
|
tv.Xresources = {
|
||||||
|
"Sxiv.foreground" = "#232323";
|
||||||
|
"Sxiv.background" = "#424242";
|
||||||
|
};
|
||||||
|
users.users.${cfg.user.name}.packages = [
|
||||||
|
pkgs.sxiv
|
||||||
|
];
|
||||||
|
}
|
73
tv/2configs/xserver/urxvt.nix
Normal file
73
tv/2configs/xserver/urxvt.nix
Normal file
@ -0,0 +1,73 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, pkgs, ... }: let
|
||||||
|
cfg.user = config.krebs.build.user;
|
||||||
|
in {
|
||||||
|
systemd.services.urxvtd = {
|
||||||
|
wantedBy = [ "graphical.target" ];
|
||||||
|
restartIfChanged = false;
|
||||||
|
serviceConfig = {
|
||||||
|
SyslogIdentifier = "urxvtd";
|
||||||
|
ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = "2s";
|
||||||
|
StartLimitBurst = 0;
|
||||||
|
User = cfg.user.name;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
tv.Xresources = {
|
||||||
|
"URxvt*cutchars" = ''"\\`\"'&()*,;<=>?@[]^{|}‘’"'';
|
||||||
|
"URxvt*eightBitInput" = "false";
|
||||||
|
"URxvt*font" = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
|
||||||
|
"URxvt*boldFont" = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
|
||||||
|
"URxvt*scrollBar" = "false";
|
||||||
|
"URxvt*background" = "#050505";
|
||||||
|
"URxvt*foreground" = "#d0d7d0";
|
||||||
|
"URxvt*cursorColor" = "#f042b0";
|
||||||
|
"URxvt*cursorColor2" = "#f0b000";
|
||||||
|
"URxvt*cursorBlink" = "off";
|
||||||
|
"URxvt*jumpScroll" = "true";
|
||||||
|
"URxvt*allowSendEvents" = "false";
|
||||||
|
"URxvt*charClass" = "33:48,37-38:48,45-47:48,61:48,63-64:48";
|
||||||
|
"URxvt*cutNewline" = "False";
|
||||||
|
"URxvt*cutToBeginningOfLine" = "False";
|
||||||
|
|
||||||
|
"URxvt*color0" = "#232342";
|
||||||
|
"URxvt*color3" = "#c07000";
|
||||||
|
"URxvt*color4" = "#4040c0";
|
||||||
|
"URxvt*color7" = "#c0c0c0";
|
||||||
|
"URxvt*color8" = "#707070";
|
||||||
|
"URxvt*color9" = "#ff6060";
|
||||||
|
"URxvt*color10" = "#70ff70";
|
||||||
|
"URxvt*color11" = "#ffff70";
|
||||||
|
"URxvt*color12" = "#7070ff";
|
||||||
|
"URxvt*color13" = "#ff50ff";
|
||||||
|
"URxvt*color14" = "#70ffff";
|
||||||
|
"URxvt*color15" = "#ffffff";
|
||||||
|
|
||||||
|
"URxvt*iso14755" = "False";
|
||||||
|
|
||||||
|
"URxvt*urgentOnBell" = "True";
|
||||||
|
"URxvt*visualBell" = "True";
|
||||||
|
|
||||||
|
# ref https://github.com/muennich/urxvt-perls
|
||||||
|
"URxvt*perl-ext" = "default,url-select";
|
||||||
|
"URxvt*keysym.M-u" = "perl:url-select:select_next";
|
||||||
|
"URxvt*url-select.launcher" =
|
||||||
|
"/etc/profiles/per-user/${cfg.user.name}/bin/ff -new-tab";
|
||||||
|
"URxvt*url-select.underline" = "true";
|
||||||
|
"URxvt*colorUL" = "#4682B4";
|
||||||
|
"URxvt.perl-lib" = "${pkgs.urxvt_perls}/lib/urxvt/perl";
|
||||||
|
"URxvt*saveLines" = "10000";
|
||||||
|
"URxvt*modifier" = "mod1";
|
||||||
|
|
||||||
|
"root-urxvt*background" = "#230000";
|
||||||
|
"root-urxvt*foreground" = "#e0c0c0";
|
||||||
|
"root-urxvt*BorderColor" = "#400000";
|
||||||
|
"root-urxvt*color0" = "#800000";
|
||||||
|
|
||||||
|
"fzmenu-urxvt*background" = "rgb:42/23/42";
|
||||||
|
"fzmenu-urxvt*externalBorder" = "1";
|
||||||
|
"fzmenu-urxvt*geometry" = "70x9";
|
||||||
|
"fzmenu-urxvt*internalBorder" = "1";
|
||||||
|
};
|
||||||
|
}
|
39
tv/3modules/Xresources.nix
Normal file
39
tv/3modules/Xresources.nix
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, pkgs, ... }: let
|
||||||
|
cfg = {
|
||||||
|
enable = config.tv.Xresources != {};
|
||||||
|
user = config.krebs.build.user;
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
options.tv.Xresources = mkOption {
|
||||||
|
default = {};
|
||||||
|
type = types.attrsOf types.str;
|
||||||
|
};
|
||||||
|
config = {
|
||||||
|
nixpkgs.overlays = singleton (self: super: {
|
||||||
|
tv = super.tv or {} // {
|
||||||
|
Xresources =
|
||||||
|
self.writeText "Xresources"
|
||||||
|
(concatStrings (mapAttrsToList (name: value: /* xdefaults */ ''
|
||||||
|
${name}: ${value}
|
||||||
|
'') config.tv.Xresources));
|
||||||
|
};
|
||||||
|
});
|
||||||
|
systemd.services.${if cfg.enable then "Xresources" else null} = {
|
||||||
|
wantedBy = [ "graphical.target" ];
|
||||||
|
after = [ "xserver.service" ];
|
||||||
|
requires = [ "xserver.service" ];
|
||||||
|
environment = {
|
||||||
|
DISPLAY = ":${toString config.services.xserver.display}";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${pkgs.xorg.xrdb}/bin/xrdb ${pkgs.tv.Xresources}";
|
||||||
|
RemainAfterExit = true;
|
||||||
|
SyslogIdentifier = "Xresources";
|
||||||
|
Type = "oneshot";
|
||||||
|
User = cfg.user.name;
|
||||||
|
WorkingDirectory = cfg.user.home;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -7,5 +7,6 @@
|
|||||||
./iptables.nix
|
./iptables.nix
|
||||||
./slock.nix
|
./slock.nix
|
||||||
./x0vncserver.nix
|
./x0vncserver.nix
|
||||||
|
./Xresources.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user